<?php
include "connect.php";
include "var.php";
session_start();
print "<script src='../../js/power.js' type='text/javascript'></script>";
print "<link rel='stylesheet' type='text/css' media='screen, projection' href='../../css/power.css' />";
print "<!--[if IE 7]><link rel='stylesheet' type='text/css' media='screen, projection' href='../../css/power_ie7.css' /><![endif]-->";
$user=$_SESSION['user'];
$selectuser="SELECT * from b_users a, b_templates b where b.templateid=a.templateclass and a.username='$user'";
$selectuser2=mysql_query($selectuser);
$selectuser3=mysql_fetch_array($selectuser2);
print "<link rel='stylesheet' href='style.css' type='text/css'>";

if ($selectuser3[status]>=3)
   {


    if(isset($_GET['ID']))
    {
     $ID=$_GET['ID'];
     if(isset($_POST['submit']))
     {
	  $sep=$_POST['sep'];
      $itemid=$_POST['itemid'];
      $name=$_POST['name'];
      $sort=$_POST['sort'];
      $color=$_POST['color'];
	  $cat=$_POST['cat'];
	  $cost=$_POST['cost'];
	  $charges=$_POST['charges'];
      print "<br><br><br><br><table border='0'>";
      print "<tr><td valign='top'><center>";
      print "<table width='70%' border='0' class='maintable'>";
      print "<tr class='headline'><td width='300px'>Admin Options";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      include "adminleft.php";
      print "</td></tr></table></center></td>";
      print "<td valign='top' width='75%'><p align='left'>";
      print "<table width='90%' border='0' class='maintable'>";
      print "<tr class='headline'><td>Edit Items";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      $updateitem="UPDATE b_shop set sep='$sep', name='$name', itemid='$itemid', color='$color', cat='$cat', sort='$sort', cost='$cost', charges='$charges' where id='$ID'";
      mysql_query($updateitem) or die("could not edit forum");
      print "Item edited successfully";
      print "</td></tr></table>";    
      print "</center>";
     }
     else
     {
      print "<br><br><br><br><table border='0'>";
      print "<tr><td valign='top'><center>";
      print "<table width='70%' border='0' class='maintable'>";
      print "<tr class='headline'><td width='300px'>Admin Options";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      include "adminleft.php";
      print "</td></tr></table></center></td>";
      print "<td valign='top' width='75%'><p align='left'>";
      print "<table width='90%' border='0'  class='maintable'>";
      $editforum="SELECT * from b_shop where id='$ID'";
      $editforum2=mysql_query($editforum) or die("Could not display forum details");
      $editforum3=mysql_fetch_array($editforum2);	  
      print "<tr class='headline'><td>Edit Item -> $editforum3[name]";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      print "<form action='edititems.php?ID=$editforum3[id]' method='post'>";
	  if ($editforum3[sep]=="0") {
	  print "<strong>Is item: </strong><select name='sep'>
		<option selected='selected' value='0'>Yes</option>
		<option value='1'>No</option></select>  (this is item, change to \"No\" to convert to category title)
		<br><br>";}
	  else {
	  print "<strong>Is item: </strong><select name='sep'>
		<option value='0'>Yes</option>
		<option selected='selected' value='1'>No</option></select>  (this is category title, change to \"Yes\" to convert to item)
		<br><br>";
	  }
      print "<b>Item Name:</b><br>";
      print "<input type='text' name='name' value='$editforum3[name]' length='45'><br><br>";
      print "<strong>Item ID:</strong><br>";
      print "<input type='text' name='itemid' value='$editforum3[itemid]'><br><br>";
	  print "<strong>Color:</strong> (blue=#0f64dd - orange=orange - white=white - green=#1dff08 - purple=#8f35d2)<br>";
      print "<input type='text' name='color' value='$editforum3[color]'><br><br>";
	   print "<b>Cost Points:</b><br>";
      print "<input rows='15' name='cost' cols='60' value='$editforum3[cost]'><br><br>";
      print "<b>Category:</b><br>";
      print "<input rows='15' name='cat' cols='60' value='$editforum3[cat]'><br><br>";
	   print "<b>Sort:</b> (lower values first)<br>";
      print "<input rows='15' name='sort' cols='60' value='$editforum3[sort]'><br><br>";
	  
	  print "<b>Charges:</b> (default 0, if there is item that requires charges put value here)<br>";
      print "<input rows='15' name='charges' cols='60' value='$editforum3[charges]'><br><br>";
	  
      print "<input type='submit' name='submit' value='submit'></form>";
      print "</td></tr></table>";    
      print "</center>";
     }
    }
    else if(isset($_GET['DEL']))
	{
	  $DEL1=$_GET['DEL'];
      print "<br><br><br><br><table border='0'>";
      print "<tr><td valign='top'><center>";
      print "<table width='70%' border='0' class='maintable'>";
      print "<tr class='headline'><td width='300px'>Admin Options";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      include "adminleft.php";
      print "</td></tr></table></center></td>";
      print "<td valign='top' width='75%'><p align='left'>";
      print "<table width='90%' border='0' class='maintable'>";
      print "<tr class='headline'><td>Are you sure you want delete this item from list?";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      print "<br><A href='edititems.php?delete=$DEL1'>Yes, delete this Item</a>";
      print "</td></tr></table>";    
      print "</center>"; 
	}
	    else if(isset($_GET['delete']))
	{
	  $DEL2=$_GET['delete'];
      print "<br><br><br><br><table border='0'>";
      print "<tr><td valign='top'><center>";
      print "<table width='70%' border='0' class='maintable'>";
      print "<tr class='headline'><td width='300px'>Admin Options";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      include "adminleft.php";
      print "</td></tr></table></center></td>";
      print "<td valign='top' width='75%'><p align='left'>";
      print "<table width='90%' border='0' class='maintable'>";
      print "<tr class='headline'><td>Delete News";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      $delnews="DELETE from b_shop where id='$DEL2'";
      mysql_query($delnews) or die("could not delete news");
      print "Item deleted successfully";
      print "</td></tr></table>";    
      print "</center>"; 
	}
	else
    {
      print "<br><br><br><br><table border='0'>";
      print "<tr><td valign='top'><center>";
      print "<table width='70%' border='0' class='maintable'>";
      print "<tr class='headline'><td width='300px'>Admin Options";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      include "adminleft.php";
      print "</td></tr></table></center></td>";
      print "<td valign='top' width='75%'><p align='left'>";
      print "<table width='90%' border='0' class='maintable'>";
      print "<tr class='headline'><td>Edit Items";
      print "</td></tr>";
      print "<tr class='forumrow'><td>";
      $forumdisp="SELECT * from b_shop order by cat,sort,cost $item";
      $forumdisp2=mysql_query($forumdisp) or die("Could not display items");
      print "<br><center><table class='maintable' width='100%'>";
      print "<tr class='headline'><td><b>Item Title</b></td>";
      print "<td>Sort</td><td>Category</td><td>Cost points</td>";
      print "<td>Edit</td><td>Delete?</td></tr><tr><td colspan='5'>&nbsp;</td></tr>";
     
        while ($forumdisp3=mysql_fetch_array($forumdisp2))
        {
		   if ($forumdisp3[sep]=="0") {  
              print "<tr class='forumrow'><td valign='top'>";
			  print "&nbsp;&nbsp;&nbsp;<a href='#' type='http://www.wowhead.com/?item=$forumdisp3[itemid];' style='color: $forumdisp3[color];' onclick='return false;'>$forumdisp3[name]</a>";
			  print "</td>";
              print "<td valign='top'>$forumdisp3[sort]</td><td valign='top'>$forumdisp3[cat]</td><td valign='top'>$forumdisp3[cost]</td>";
              print "<td valign='top'><A href='edititems.php?ID=$forumdisp3[id]'>Edit</a></td>";
			  print "<td valign='top'><A href='edititems.php?DEL=$forumdisp3[id]'>Delete</a></td></tr>";
			  } else {
			  print "<tr class='forumrow'><td valign='top'>";
			  print "<font color='$forumdisp3[color]'>$forumdisp3[name]</font>";
			  print "</td>";
              print "<td valign='top' colspan='3'>&nbsp;&nbsp;&nbsp;&lt;category seperator&gt;</td>";
              print "<td valign='top'><A href='edititems.php?ID=$forumdisp3[id]'>Edit</a></td>";
			  print "<td valign='top'><A href='edititems.php?DEL=$forumdisp3[id]'>Delete</a></td></tr>";
			  }
            
        }    
        mysql_data_seek($forumdisp2,0); 
      
      print "</table></center>";
      print "</td></tr></table>";    
      print "</center>";
     }
    
   }
else
   {
     print "<br><br><br><br><table width='70%' border='0'>";
     print "<tr class='headline'><td><center>Not logged in as Admin</td></tr>";
     print "<tr class='forumrow'><td>";
     print "You are not logged in as Administrator, please log in.";
     print "<form method='POST' action='../authenticate.php'>";
     print "Type Username Here: <input type='text' name='username' size='15'><br>";
     print "Type Password Here: <input type='password' name='password' size='15'><br>";
     print "<input type='submit' value='submit' name='submit'>";
     print "</form>";
     print "</td></tr></table>";
   }

?>